Skip to content

Latest commit

 

History

History
7 lines (5 loc) · 939 Bytes

SECURITY.md

File metadata and controls

7 lines (5 loc) · 939 Bytes

Vulnerabilities in GG20

Recently, a number of attacks were announced against The paper One Round Threshold ECDSA with Identifiable Abort by Rosario Gennaro and Steven Goldfeder [GG20]. These include:

  • Dmytro Tymokhanov and Omer Shlomovits. Alpha-Rays: Key Extraction Attacks on Threshold ECDSA Implementations [TS21].
  • Nikolaos Makriyannis and Udi Peled. A Note on the Security of GG18 [MP21].

We have already incorporated and implemented a number of "fixes" to these attacks, described in the Dec. 17, 2021 version of [GG20]. On the other hand, the authors of that paper appear to have declared it "obsolete". In light of this declaration, we cannot attest, given the information we currently have, that the protocol implemented here is secure. We advise caution regarding its use.